I wanted to configure my Hyper-V host with multiple subnets to give me a more realistic network configuration. Seeing how I do not have a full blown lab environment consisting of switches and routers which I could configure for multiple networks, I need a way to meet my needs. I came across numerous sites that contained some good information on achieving this and ultimately, I was not able to get this working properly with the information I found. They did however; lead me down the right path to accomplish what I needed…One Hyper-V host, multiple subnets, without the use of additional hardware or servers wasting my precious resources.

Typically, a virtual host would be dedicated as a virtual host without other roles installed to avoid impacting the performance of the virtual guests. Seeing how this is only used for my lab, I'm not too concerned with a performance impact.

Keep in mind...this post is intended for lab environments only! I do not claim this is a Microsoft supported configuration. You should contact Microsoft Support if you are in question of supported configurations.

My intentions are to divide the servers up, placing one of each type in each of the subnets/AD sites.

Now for the fun stuff…

Configuring Virtual Networks

Assuming you have Hyper-V loaded already perform the following actions:

1. Open Hyper-V Manager and click on Virtual Network Manager on the Actions pane.

2. Click New virtual network and select Internal and click Add.

3. On the New Virtual Network window, fill in the following fields.

Name: vNet Internal 10.10.10.0/24

Notes: (optional)

Connection type: Internal only

Click OK

4. Click New virtual network and select Internal and click Add.

5. On the New Virtual Network window, fill in the following fields.

Name: vNet Internal 10.10.20.0/24

Notes: (optional)

Connection type: Internal only

Click OK

Configuring Network Adapters on the Hyper-V host

6. On the Hyper-V host, open your Network Connections so you can see the network adapters on the Hyper-V host. Once you have completed steps 2 through 5 above, you will see 2 new network adapters in the network connections window. It is recommended that you rename these from “Local Area Connection ‘X’” to match the names you provided in the previous steps or to something that will make it easy for you to distinguish which adapter belongs to what network. This will help eliminate any confusion when selecting the correct adapter for your VMs. It should look similar to this:

You can create as many different networks as you’d like by repeating the steps above.

7. Right click on the network adapter name vNet Internal 10.0 and click properties.

8. Click Internet Protocol Version 4 (TCP/IPv4) and click Properties.

9. Click the radio button for Use the following IP address:

IP Address: 10.10.10.1

Subnet mask: 255.255.255.0

Default Gateway: <blank>

DNS: <optional>

For each of the networks you created, you will need to perform the steps above. Keep in mind; you will need to give each additional network adapter the proper IP address. Since I used 10.10.20.0 as my second network; I would enter 10.10.20.1 in the IP address of the other NIC.

Configuring Routing and Remote Access Service (RRAS)

10. On the Hyper-V host, launch ServerManager.

11. Right-click Roles and select Add Roles.

12. When the Add Roles Wizard launches; on the Before you Begin page, click Next.

Selecting NAT will allow your virtual machines to access the internet. If this isn't your intentions, do NOT select this setting.

23. Review your selections and click Finish.

24. Click Start Service when prompted.

25. Under Routing and Remote Access in the Server Manager, expand IPv4, click NAT and right-click and select New Interface.

26. In the New Interface for IPNAT window, select the network connection with internet access.

27. Select the option for Public interface connected to the Internet and also select Enable NAT on this interface and click OK.

28. You should now see something similar to this:

29. On each of your Hyper-V guests, configure the default gateway to the respective subnet. Below are how I have mine configured:

I have my Preferred DNS server pointing to a public DNS server to test my internet connection since I haven’t configured DNS for my new site. Once the site is configured, I’ll switch to the IP of the DNS server on my new site.

If you can’t ping or access any UNC paths to servers on the other subnets, make sure you check the Windows Firewall and your user permissions. Good luck and enjoy your new setup! Cheers!

Hi Chris. I was looking for this solution for quite some time now and this is exactly what I want to achieve. I followed through your guide but I am unable to RDP to my home server right after I do step 27. My Server only has hyper V role installed. I have installed NPAS and RRAS. It is connected to the internet via Network Cable and WiFi interfaces. I tried enabling NAT for both interfaces (fail). Then tried just WiFi (Fail) then tried just Network Cable (fail). Any idea why? Thanks alot.

I don't get it since the title says that you have only one NIC, yet your environment is configured with two NICs on the host. Did I misunderstand something? And isn't a Hyper-V server not suppored to perform any other services? I mean, I know that Enterprise/datacenter edition can, but is it recommended on production servers?

Apologies for leaving a new comment on your article that dates from more than a year.

I liked the setup and explanation you gave and did the same with my lab. All works well: same concepts as yours, internal VMs accessing perfectly the external and public networks.

But I also wanted access from the External to the Internal networks, for example RDP to the internal VMs using external IPs. This is not working and I don't understand why!

I've enabled RDP on the VMs. On the NAT-enabled interface (Public interface), I've added in the "Services and Ports" section a Remote Desktop rule to translate incoming RDP connections on the interface (192.168.0.51) on port 3391 and 3392 into 10.10.10.2-3 port 3389. I've made sure Firewall rules were open, but also disabling the firewall didn't change a thing. I cannot RDP or telnet using 192.168.0.1:3391 or 3392, although off course telnetting/RDP to the 10.10.10.x addresses from the Host works.

Tried checking the RRAS and Firewall logs but there was nothing related.

Any ideas what I am missing with what seems to be a basic NAT configuration? If not, do you have clues on how better to debug this?

This is more for a lab configuration. I should have made that more clearly in the beginning of the blog and I'll be sure to update this blog to reflect that. I do have 2 physical NICs installed but only one is in use. In the first image of the blog, you can see that the Intel NIC does not have any connectivity. I don’t have the proper hardware or the space in my lab to host allow me to have an ideal environment.

Typically you would not run other services on the Hyper-V host, such as a file and print server or in my case, the RRAS role. Most organizations would not be faced with the challenge I was… (requiring multiple subnets without a router). They would most likely have their networking team configure a switch port with the required subnet and the routing would take place on the switches/routers rather than the Hyper-V host.

Normally, a virtual host would be dedicated as a virtual host without other roles installed to avoid impacting the virtual guests. I cannot state whether or not the configurations I used above are supported or not. That would be something you would have to discuss with Microsoft support.

Hopefully this provides some clarification for you.. I have updated the blog to reflect your comments/concerns and they are greatly appreciated! Thanks!

@Rajesh…that sounds like a routing issue. You may need to look at setting up static routes on your router/switch that point your internal network…also, check the firewall to ensure it’s not blocking traffic.

@Rajesh…sorry, misunderstood what you were asking. So, two things come to mind. Check the VM switchs…if they are internal, they won’t have external access…you would need to change the Switch type from Internal to External. Also check that you selected
the NAT and LAN routing option in step 22. Hope this helps.

@Chris I found out the problem based on what you said. Yes it was a routing issue. In you other post you have asked to enabled the DirectAccess and ROUTING. I missed that. I added that feature. Removed and recreated the RRAS settings and I am in business.
Thanks for your help and quick response.

Excellent instructions. This was just what I was looking for as I want to simulate my network environment in a test lab. I have four seperate locations connected via T1-MPLS WAN with 2 servers at each location. The only thing you forgot to mention is at the end in step 29. Since I created these Internal Vnet interfaces after I already had my Hyper-V guests installed, first I needed to assign the Hyper-V guest to the appropriate Internal Vnet Interface in Hyper-V manager. Then I could start the Hyper-V Guest and configure the IP information as you show. Thanks for these instructions, they helped a lot.

Chris – Great article, exactly what I was looking for. Getting my lab up and running for Microsoft Cloud cert. I followed the steps carefully. My RRAS is up and running with the guest on 172.25.4.0/24 network. I am able to ping the gues from the host,
but I have no access from the guest to anywhere outside. I cannot even ping the gateway 172.25.4.1. Any ideas?

Thanks for this excellent article. I too have a lab situation that perhaps you could help me with.

am using HyperV on both Windows 2008 and Windows 2012 to create test network scenarios. The idea would be as following:

I have two sets of lab VM’s – each set includes a DC, Exchange and a File Server VM. I want both sets to have the same subnet structure so each would be using 192.168.0 addresses. I do not want the two sets to see each other – they are to be completely segregated. And they each must have access to the Internet.

So all the VM’s in set one can communicate with each other but can not communicate with the VM’s in set two but have access to the Internet. All the VM’s in set two can communicate with each other but can not communicate with the VM’s in set one but have access to the Internet.

Assume as well that I have full control of the router/firewall if any changes are required there.

Also assume I can add as many network cards as I want if that’s what is needed for this to work properly.

Please describe for me how I would go about setting up the virtual switch/virtual networks/network card to allow for the above.

Great Its work perfectly, well I need more to congigure that my SCCM Server can see my Hyper-V Client and my Hyper-V Host and SCCM server are in Same Subnet. and My Hyper-v Client can able to ping my SCCM server as well as but from Sccm Server can’t connect my Hyper-V client.

NAT was the key for me, however I seem to remember being able to do this years ago without using NAT? In the old NT days there was simply a checkbox that said “enabled IP routing/forwarding”, which is essentially just LAN routing in RRAS.

Do we need NAT? Shouldn’t LAN routing be enough if I only want to PING from a VM inside the private switched network to the external network? Or does LAN routing just route from the VM Servers nic1 card to the nic2 card, but no further?

Hi Chris, This is exactly what I’ve been looking for, THANKS!!
One question in addition to the the 2 internal switches you’ve created, you have also set up an external switch with the ip 172.20.1.0. Is that ip using the ip configuration of your host NIC?
My aim to set up my networks like you have, but I would like them to also have internet capabilities. Does this solution give me that or will I need to make those two switches external as well? Is that even possible?

hi. I have 1 windows server 2008 std and 1 windows server 2008 r2 in different subnet. Can you guide me how to connect them both? Because I want to test the connectivity using different subnet in. I have tried using internal and external adapter but it’s not working. My laptop have only 1 NIC.